Minor patch for WAF mechanism

stamparm · stamparm · commit 1f60dfc835c1 · 2017-10-16T11:42:11.000+02:00
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -1382,6 +1382,9 @@ def _(*args, **kwargs):
     retVal = []
 
     for function, product in kb.wafFunctions:
+        if retVal and "unknown" in product.lower():
+            continue
+
         try:
             logger.debug("checking for WAF/IPS/IDS product '%s'" % product)
             found = function(_)
diff --git a/waf/fortiweb.py b/waf/fortiweb.py
@@ -16,8 +16,9 @@ def detect(get_page):
     retval = False
 
     for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
+        page, headers, _ = get_page(get=vector)
         retval = re.search(r"\AFORTIWAFSID=", headers.get(HTTP_HEADER.SET_COOKIE, ""), re.I) is not None
+        retval |= all(_ in (page or "") for _ in (".fgd_icon", ".blocked", ".authenticate"))
         if retval:
             break
 
